add csrf protection

2024-12-31 23:04:37 +00:00 · 2024-12-31 23:04:37 +00:00 · ef45c6cd28
commit ef45c6cd28
parent 642492411e
12 changed files with 38 additions and 0 deletions
--- a/src/Form/CompanyFormType.php
+++ b/src/Form/CompanyFormType.php
@ -50,6 +50,9 @@ class CompanyFormType extends AbstractType
    {
        $resolver->setDefaults([
            'data_class' => CompanyDetailsDto::class,
+            'csrf_protection' => true,
+            'csrf_field_name' => '_token',
+            'csrf_token_id' => 'company',
        ]);
    }
 }
--- a/src/Form/EditUserFormType.php
+++ b/src/Form/EditUserFormType.php
@ -54,6 +54,9 @@ class EditUserFormType extends AbstractType
    {
        $resolver->setDefaults([
            'data_class' => User::class,
+            'csrf_protection' => true,
+            'csrf_field_name' => '_token',
+            'csrf_token_id' => 'edit_user',
        ]);
    }
 }
--- a/src/Form/MemberCaseFormType.php
+++ b/src/Form/MemberCaseFormType.php
@ -67,6 +67,9 @@ class MemberCaseFormType extends AbstractType
    {
        $resolver->setDefaults([
            'data_class' => MemberCase::class,
+            'csrf_protection' => true,
+            'csrf_field_name' => '_token',
+            'csrf_token_id' => 'member_case',
        ]);
    }
 }
--- a/src/Form/MemberFormType.php
+++ b/src/Form/MemberFormType.php
@ -75,6 +75,9 @@ class MemberFormType extends AbstractType
    {
        $resolver->setDefaults([
            'data_class' => Member::class,
+            'csrf_protection' => true,
+            'csrf_field_name' => '_token',
+            'csrf_token_id' => 'member',
        ]);
    }
 }
--- a/src/Form/ReferralFormType.php
+++ b/src/Form/ReferralFormType.php
@ -39,6 +39,9 @@ class ReferralFormType extends AbstractType
    {
        $resolver->setDefaults([
            'data_class' => Referral::class,
+            'csrf_protection' => true,
+            'csrf_field_name' => '_token',
+            'csrf_token_id' => 'referral',
        ]);
    }
 }
--- a/src/Form/ReferralSourceFormType.php
+++ b/src/Form/ReferralSourceFormType.php
@ -24,6 +24,9 @@ class ReferralSourceFormType extends AbstractType
    {
        $resolver->setDefaults([
            'data_class' => ReferralSource::class,
+            'csrf_protection' => true,
+            'csrf_field_name' => '_token',
+            'csrf_token_id' => 'referral_source',
        ]);
    }
 }
--- a/src/Form/ResourceFormType.php
+++ b/src/Form/ResourceFormType.php
@ -98,6 +98,9 @@ class ResourceFormType extends AbstractType
    {
        $resolver->setDefaults([
            'data_class' => CommunityResource::class,
+            'csrf_protection' => true,
+            'csrf_field_name' => '_token',
+            'csrf_token_id' => 'community_resource',
        ]);
    }
 }
--- a/src/Form/StaffNoteFormType.php
+++ b/src/Form/StaffNoteFormType.php
@ -32,6 +32,9 @@ class StaffNoteFormType extends AbstractType
    {
        $resolver->setDefaults([
            'data_class' => StaffNote::class,
+            'csrf_protection' => true,
+            'csrf_field_name' => '_token',
+            'csrf_token_id' => 'staff_note',
        ]);
    }
 }
--- a/src/Form/SupervisorFormType.php
+++ b/src/Form/SupervisorFormType.php
@ -28,6 +28,9 @@ class SupervisorFormType extends AbstractType
    {
        $resolver->setDefaults([
            'data_class' => Supervision::class,
+            'csrf_protection' => true,
+            'csrf_field_name' => '_token',
+            'csrf_token_id' => 'supervisor',
        ]);
    }
 }
--- a/src/Form/SupervisorStaffNoteFormType.php
+++ b/src/Form/SupervisorStaffNoteFormType.php
@ -38,6 +38,9 @@ class SupervisorStaffNoteFormType extends AbstractType
    {
        $resolver->setDefaults([
            'data_class' => StaffNote::class,
+            'csrf_protection' => true,
+            'csrf_field_name' => '_token',
+            'csrf_token_id' => 'supervisor_staff_note',
        ]);
    }
 }
--- a/src/Form/UserCaseFormType.php
+++ b/src/Form/UserCaseFormType.php
@ -29,6 +29,9 @@ class UserCaseFormType extends AbstractType
    {
        $resolver->setDefaults([
            'data_class' => UserCase::class,
+            'csrf_protection' => true,
+            'csrf_field_name' => '_token',
+            'csrf_token_id' => 'user_case',
        ]);
    }
 }
--- a/src/Form/UserFormType.php
+++ b/src/Form/UserFormType.php
@ -10,6 +10,7 @@ use Symfony\Component\Form\AbstractType;
 use Symfony\Component\Form\Extension\Core\Type\CheckboxType;
 use Symfony\Component\Form\Extension\Core\Type\EmailType;
 use Symfony\Component\Form\Extension\Core\Type\EnumType;
+use Symfony\Component\Form\Extension\Core\Type\FileType;
 use Symfony\Component\Form\Extension\Core\Type\NumberType;
 use Symfony\Component\Form\Extension\Core\Type\PasswordType;
 use Symfony\Component\Form\Extension\Core\Type\TextType;
@ -71,6 +72,7 @@ class UserFormType extends AbstractType
                'class' => RateType::class,
            ])
            ->add('rate', NumberType::class)
+            ->add('imageName', FileType::class)
        ;
    }

@ -78,6 +80,9 @@ class UserFormType extends AbstractType
    {
        $resolver->setDefaults([
            'data_class' => User::class,
+            'csrf_protection' => true,
+            'csrf_field_name' => '_token',
+            'csrf_token_id' => 'user',
        ]);
    }
 }